Ryan Markel

Health Check: 2018

Fair warning: this post is going to be pretty personal, and if you don’t care about my struggles with my weight and food, then you should probably just skip it and move on to the next post.

In fact, I’ll add a cut link here to encourage it unless you really do care about me, in which case, please proceed.

Yes, I want to know this stuff.
Advertisements

Don’t Let Me Drive the Chopper?

Co-op with best friends is never a bad idea.

(You’ll just need to grab that link until I can work on a better Twitch embed handler, I guess. The one I have right now doesn’t support Clips.)

If you want to potentially see more moments like this one, consider visiting my Twitch channel and following it. I try to stream at least a few times a week, and play various types of games depending on what I’m working on at the time.

Our Optimism Blinded Us

Laura Hudson for The Verge:

Ready Player One’s quixotic ideas about the future of online life aren’t unique, because nothing is unique to Ready Player One. It’s a haphazard mishmash of more meaningful and resonant pieces of culture, a callow pastiche that stands on the shoulders of more interesting works and demands the applause they’ve earned for itself. But Ready Player One is also worse than that, in quietly unexamined ways that speak to the internet’s original sin. If the book has anything to say beyond repeating a litany of cool franchises, it is believing that the internet is a sublime, inherently liberating space where allowing anyone to say and do whatever they want will lead, inevitably, toward an abstract notion of freedom. While that may have been the case for some members of society — notably the most privileged ones — in practice, it’s meant injustice and abuse for a lot of others. 

I’ve been working in the technology field for over a decade now, and what drew me to the Internet and web-based work was this same optimism. It’s taken some time—and meeting many people different from myself—to learn that it hasn’t happened that way for everyone, and in a lot of cases, has made things worse.

But I continue to work in this field and do what I can to push things forward because I believe these things are still possible. It’s just that the road is a lot harder than I thought it would be and will take different approaches than perhaps I’d previously thought.

Ready Player One is garbage, but it’s garbage that can partially reveal to us where we’ve been misguided.

On Patch Notes

Video game nerdery ahead.

It's pretty safe to say the 1.1.4 update coming to Destiny 2 tomorrow is a big deal. It's an attempt to respond to criticisms of the game's shortcomings when it comes to the gameplay tuning, pretty much across the board—and it took Bungie over six months from launch to get to.

Lots of people are looking to this patch to reinvigorate some of the game and bring some excitement back to both PvE and PvP modes. It's been termed the "Go Fast" update, because it has tweaks to player movement, ability recharge rates, and some gunplay bits.

The notes won't drop until tomorrow, but I want to take a few to talk about patch notes and what makes for good game patch notes. At least so far, Bungie hasn't provided good patch notes for a game that a lot of hardcore players study down to specific numbers. In fact, just today, one day before the update, the main subreddit for the game has been publishing or republishing a lot of numbers, like these:

These posts have very specific numbers that are based on measurements being taken by players that have no access to the underlying math of the game—they are all based on observation. There's a post like this probably every week somewhere, detailing something and including numbers to show the work.

They shouldn't have to do this all over again; post-patch, the patch notes should give them all the information they need. I'll explain. Bungie's patch notes have previously looked like this (and yes, this is a bit cherry-picked, but it's representative and is from this update):

  • Increased the base damage and reduced the precision modifier of Precision Auto Rifles
  • Slightly reduced the aim deflection of High-Caliber Rounds on Auto Rifles and Scout Rifles
  • Reduced the effectiveness of Aim Assist at higher ranges on Scout Rifles
  • Reduced severity of recoil on Hakke High-Impact Auto Rifles
  • Hand Cannon accuracy recovery now scales with rate of fire
  • Improved base Aim Assist on aggressive Hand Cannons
  • Slightly increased the rate of fire time between bursts on all Omolon Sidearms
  • Slightly increased impact damage on lightweight single-shot Grenade Launchers

These aren't good patch notes. They leave me with tons of unanswered questions.

How much more damage will my Precision Auto Rifle do now? Why are you making it less precise, and how? High-Caliber rounds deflected aim before? What do you mean, and how is that changing? How much is "slightly," and does that mean roughly the same across the various notes, or does it stand for a range of values?

Almost everything in these notes is pretty vague.

Good patch notes should:

  • Tell you what changed.
  • Tell you how much and in what direction.

Great patch notes will also:

  • Tell you why something was changed.

The best example of this is almost certainly Killer Instinct. KI had the best patch notes of any game I have ever seen, followed pretty closely by Diablo III. Here's a great example of KI patch notes that accomplish this:

Fulgore:

  • [Fulgore has been pretty difficult to balance. We’ve adjusted his rushdown, his zoning, and his instinct during Season 3 and he is still an extremely powerful character, which shows how tricky it is to find the sweet spot for him. Now that the dust has settled a bit, the team feels confident that Fulgore now has the weaknesses we intended him to have, but on the journey to this spot, we went a little far in a few areas. These buffs will not send Fulgore over the top again, but should help with some small quality of life aspects of his game.]
  • Raised Energy Bolt damage by 42% (from 7 to 10) [This gives him more zoning damage and more damage on his Energy Bolt into Teleport mixups]
  • Raised Light Cyber Uppercut damage 33% (from 15 to 20)
  • Raised Medium Cyber Uppercut damage 16% (from 12 to 14) [Usually, you’d expect the heavy version of a move to do the most damage, but in this case we wanted the reverse. The benefit of the light uppercut is the highest damage and most invulnerability, while the benefit of the heavy version is more potential damage left behind and multiple hits.]
  • Light and Medium Eye Lasers can now be Pip Cancelled into Energy Bolts. Heavy Eye Beam still cannot be. [This is a big buff to pip cancels and these versions of Eye Lasers, and as a result, his instinct mode as well.]
  • The minimum reactor spin speed has been increased slightly. It now takes about 10 seconds at the lowest speed to build one pip, instead of 12.5 seconds. [Fulgore’s weakness should be the odd way in which he gains meter. The old instinct mode gave him so much free meter per game that this weakness didn’t matter. Now that we have things functioning the way we want, we feel his default ‘slow’ meter gain is just a hair too low. Over the course of an average match, this should result in 3 to 5 more pips than you used to get.]

For real: these notes are amazing. Fulgore was a special case in that specific update, but these notes accomplish everything they should:

  • They tell you exactly what changed, and don't leave anything out.
  • They give you exact numbers for the changes, so there's no guesswork as to the extent of the changes.
  • They tell you why things were changed and what the intentions of the development team were when they made the change.

Look through the rest of that patch's notes, and you'll see more of the same. Specific, well-documented patch notes that indicate not only the exact changes made to the game, but the thought process behind them.

And look: I know these are two different game genres. One is a 2D fighting game with a limited amount of movement on a plane, and the other is a 3D first-person shooter with lots of complicated environmental and player-vs-player interactions to keep in mind.

But when you get down to it, it's still adjusting math and systems. This information is available to someone, somewhere. (If it's not available internally, there are other problems afoot.) And this goes not just for Destiny 2, but all games: please don't use vague terminology when you patch your games. (Capcom with SFV is another notable offender here.) Tell your players what you are changing, whether it was a bug you fixed or is a new adjustment, and why you are making the change and what you hope to accomplish with it.

They'll most likely appreciate it.

WordCamp US 2017 Presentation: Security, The VIP Way

This past Friday, I gave a 20-minute presentation on WordPress security, giving a high-level overview of things you can do to help keep your sites secure.

The Presentation

Here's a SlideShare embed of the presentation deck:

And you can download the Keynote source file for my presentation, including presenter notes.

Twitter Questions

As part of my talk, I asked attendees to submit any questions they might have had via Twitter using the hashtag #wpvipsec. Here are the questions I received, and some brief answers to them as best I can provide.

As we have been transitioning some of the WordPress.com VIP platform to our next-generation VIP Go platform, we've had to reinvent some of this stuff slightly. :) You'll be pleased to know that we have made the mu-plugins we use on VIP Go publicly-viewable on Github, and you can see our custom two-factor module here.

I don't know very much about securing sites via VPN, but I'm assuming here that you have site access (even front-end) locked to internal IPs only based on that VPN connection. That should handle a large portion of your security from outside attack, assuming the VPN is using appropriate security precautions.

At this point, your chief enemy is likely to become human error. This is where portions of the talk surrounding things like limiting user capabilities and access to certain settings pages can really help you out. Making sure your users are following good account security processes for connecting to the VPN is also critical.

As I suggested in the Q&A after the talk, I highly recommend that user roles and capabilities be in your WordPress engineering toolbox. They are enormously useful.

Multisites are interesting because they have additional layers of user access. Let's look at the two admin roles:

Super Admin: This should be as limited as humanly possible. The only users who should have superadmin powers on a multisite IMO are system administrators, your development team, and support users who will be assisting other users with account-level actions regularly. (An additional user or two might be necessary if you have people who need to spin up new sites on-demand rather than contacting your support team.) You should certainly require two-factor authentication here, and if you can require proxy or VPN access at this level, you absolutely should look into that as an option.

Administrator: This is going to be on a site-by-site basis within the multisite. If you can craft custom roles and their capabilities finely enough for your needs so that non-development users who are "in charge" of a site can use those roles instead of full admin, you should absolutely do this. Ideally, this user group and the Super Admin user group are as close to identical (and as limited) as possible.

The remainder of the roles are easier to parse. I'd like to especially recommend here (as I did during the talk) the use of an audit trail plugin; as you will have many users working on sites, and some with superadmin powers, the helpfulness of knowing which users performed which actions increases.

Additional Questions?

If you have any questions that haven't been covered above or in the talk, please send me a reply on Twitter and I'll be happy to drop them in the post and let you know when I have updated it.

I'll be updating this post occasionally with new information, as well as a link to the talk's video archive when it's available. To be notified of this, please either follow my blog or follow me on Twitter.

Destiny Discussion Stream: Bungie’s December Roadmap Post

Bungie dropped a pretty big blog post today regarding where they are with updates and changes to Destiny 2, which seems to be in a spot with some hardcore players.

My son and I hopped in-game tonight and had a chat about the changes while we were playing. We keep things positive and talk about the changes and a bit about the things others seem to want but aren’t yet getting (and may not get).

Garden Glow 2017

We took the family to the Missouri Botanical Gardens this evening for the yearly Garden Glow, where the front half of the grounds is lit up with various Christmas light displays.

I took a host of pics with my phone and didn’t do any editing on them—just posting them up now because if I wait much longer, I won’t make the post. :)

If you are in the St. Louis area, I highly recommend the walk; it’s quite nice and it’s very different being in the gardens at night, which you normally cannot do.

Bracket Running: Avoiding Disappearing Players

Bear dropped this on Twitter in reply to PerfectLegend, and I thought it worth it to mention something about how I handle it. Using this method, I have never had a problem with the following problem:

Here’s how you make this less of a problem:

Talk about this with your players before you start your bracket.

Issue clear expectations for things like bathroom and smoke breaks, because players will ask you for these things. Let them know that they need to ask for them immediately after one of their matches, and that you have to OK them by looking at the bracket and seeing what time is available for people to do so. Also let them know that when you and they agree on a time limit for these activities, and they go over the time limit, they can be DQ’d.

Know where you are in the bracket and how long matches take.

You can’t be honest with players regarding the time available to them for a break unless you know how much room you have in a bracket for those things. You’re generally only going to be able to give them break time in the first couple of rounds, because that is the only time you have a lot more matches to play than stations.

Make sure you are playing out matches by rounds as much as possible to give players time to rest between their matches. Don’t run one person way through the bracket before you have had other players get their matches in.

Write breaks down on the bracket sheet or a notebook/notepad (if using electronic bracketing, which you shouldn’t be in most cases), and make sure the player sees you do it.

When I have a player ask for a break, I talk to them briefly about what they are leaving to do and ask them how long it will take them to do it. I check the time on my watch, and then tell them exactly when I expect they will be back for their next match. I then write their player name and the agreed-upon return time on the bracket, showing them as I do this, and let them go have their break.

This becomes a two-way agreement; I let them take the break, and they agree they’ll be back by that time. If they aren’t back by that time, I generally give them two to three minutes’ grace period before issuing a DQ loss. (This also means that when budgeting the time for their break, I give them two to three minutes less than I actually have for them.)

Above all, be fair and respectful.

Before every bracket I run, I set expectations that I’m going to respect players’ time, and that in return, I expect certain courtesies from them. It’s only in partnership with your players that you’ll be able to run an efficient and well-received bracket. Respect your players’ time and communicate with them clearly, and they will respect the decisions you may have to make.